Facebook Won't Reward Khalil Shreateh, Zuckerberg's Profile Hacker

This picture shows what Khalil  posted on Zuckerberg's Profile

Facebook offers rewards for those who find security holes but for Palestinian hacker, Khalil Shreateh, Facebook refused to offer any reward because his actions violated facebook's Terms of Service as he posted the information on Zuckerberg's own profile page.

Khalil said on his blog that he submitted several reports to Facebook's "white hat" team about a site vulnerability that allowed him to post on anybody's wall, despite their security settings.

Researchers who submit a full description of a flaw, plus proof of its existence to Facebook's security page can get rewards of at least $500, but the second time Khalil submitted the error, he received an e-mail telling him "I am sorry this is not a bug."

Finally, Khalil decided to post on Zuckerberg's wall to prove that he'd found a bug. His post read: "First sorry for breaking your privacy and post to your wall, i has no other choice to make after all the reports i sent to Facebook team. My name is KHALIL from Palestine. "

His reward for exposing the flaw was having his Facebook account disabled.

He later got a message saying, "We are unfortunately not able to pay you for this vulnerability because your actions violated our Terms of Service. We do hope, however, that you continue to work with us to find vulnerabilities in the site."

Facebook said it appreciates help with security but not by hacking into user accounts.

Jones said that "the more important issue here is with how the bug was demonstrated using the accounts of real people without their permission."

"We welcome and will pay out for future reports from him (and anyone else!) if they're found and demonstrated within these guidelines," Jones said on the YCombinator hacker news forum.

Popular posts from this blog

Sapphire Displays by Apple

Military Standard Rugged Android 4.1 Phone

New Asus Padfone Infinity A86 Leaked With Snapdragon 800 In Black And White